John W. Moore III wrote:
Joel C. Salomon wrote:
Folks,
I foolishly signed a key I had not verified well, and the signed version
is on a keyserver. How can I unsign it?
Select the Key with the offending Signature and revoke the Signature.
the command is --revsig form the Edit Key
Joel C. Salomon wrote:
I foolishly signed a key I had not verified well, and the signed version
is on a keyserver. How can I unsign it?
Go back in time.
Seriously, there's nothing you can do about it once it's on a keyserver.
___
Gnupg-users
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
don rhummy wrote:
What does GPG have to recover my data if i forgot my password?
Well, it won't stop you from trying to brute-force guess your password
until you get it right. Of course, depending on what you do remember
about your passphrase,
Robert J. Hansen wrote:
A: Depends on who you correspond with. There are still a lot of PGP 6
installs out there.
6.5.8 seems popular. Any idea why?
--
Key ID: 0xF88E034060A78FCB
Fingerprint: 4A84 CAE2 A0D3 2AEB 71F6 07FD F88E 0340 60A7 8FCB
Windows NT 6.0.6001.18145 | GPG 1.4.9 |
Robert J. Hansen wrote:
Andrew Berg wrote:
6.5.8 seems popular. Any idea why?
It was the last version of PGP to be released freeware for UNIX.
Ah.
PGP 6.5.8, like PGP 2.6, is good enough for most people and purposes.
Which means that no matter how much we want to get rid of them
Werner Koch wrote:
It just happens that I use Debian and that you can simply do an apt-get
install mingw32. But there is no reasons why you can't build that
chain from any other platform.
Unfortunately, I am unable to run anything but Windows right now (the
reason is way off topic) unless I
Initial testing (I encrypted a few files symmetrically using 3DES) shows
that Werner's generic build is actually faster. Werner, which version of
gcc do you use (or do you use something else?)?
I used gcc 3.4.5 (anything higher for Windows is in alpha or
experimental AFAIK). Correct me if I'm
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
How would one go about making sure everything works? I built GPG for
Windows following the instructions at
http://clbianco.altervista.org/gnupg/eng/gnupg.html (a link at
gnupg.org/download.html). Unfortunately, I cannot find the libcurl
package
The point of %path% is to search /directories/. A file is out of context
and meaningless here.
Thought I added this:
Use the GPG directory, and not the GPG executable itself.
--
Key ID: 0xF88E034060A78FCB
Fingerprint: 4A84 CAE2 A0D3 2AEB 71F6 07FD F88E 0340 60A7 8FCB
Windows NT 6.0.6001.18063
Werner Koch wrote:
I do not think that this is a too good idea. Newer version of GnuPG (in
particular Gpg4win) add a whole bunch of DLLs and other binaries to this
directory. Thus they would all be public and wrong DLLs might get used
by other applications.
I installed the regular package
Carlos Williams wrote:
On Mon, Aug 18, 2008 at 8:25 PM, Andrew Berg [EMAIL PROTECTED] wrote:
gpg --list-keys [EMAIL PROTECTED]
will show your public key's properties (including the key ID).
How do I make out which is my key ID? It is not clear and I can't find
any info? Also is my private
kurt c wrote:
What should I do now? I hope it's not too late to generate a revocation
certificate now that the key has already been created and sent to keyserver.
Nope. If you lose your secret key, then it's too late.
--
Key ID: 0xF88E034060A78FCB
Fingerprint: 4A84 CAE2 A0D3 2AEB 71F6 07FD
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
I have the right key. Thanks to everyone who confirmed it for me. I
would've sent myself one, but GMail thinks it's helpful when it takes
emails with my address in the From: field out of my inbox.
- --
Key ID: 0xF88E034060A78FCB
Fingerprint:
Faramir wrote:
Then I began to think... what does 06/09/08 mean? Here (at Chile), that
would mean September 6, 2008. But on USA, that means June 09, 2008.
Clearly, since we are at August 11, 2008, the time format in the output
message is mm/dd/yy. But my windows is using dd/mm/, so, maybe at
Robert J. Hansen wrote:
It is ridiculously hard to come up with a robust time and date standard.
Why is that?
Note that in some instances, GnuPG will use an ISO date format as
opposed to seconds-since-Epoch.
Is this for non-Unix-like systems or is it something completely different?
--
Key
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Ludwig Hügelschäfer wrote:
| I assume, FAEBD5FC is very well known and in a lot of keyrings. Can
| somebody check please? 32370053 seconds is 374,6533912037 days, 9 more
| than a year...
|
| Greetings
|
| Ludwig
It wasn't originally on my
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
I've moved between systems, and I may have an old secret key. Would
someone please verify that A) the signature is indeed from
0xF88E034060A78FCB (it seems to be, but I want to be sure), and that I
can decrypt messages encrypted to that key
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
reynt0 wrote:
| So two-fingered simpleton typing, or carpal tunnel syndrome
| typing, may be a protection :-) . And I guess, type at
| least your passwords, etc, in a way strange for you and for
| your keyboard.
I've gotten into the habit of
andrea giovannoni wrote:
Hi,
I have a problem with my default key.
gpg --default-key 0x12345578
gpg: Go ahead and type your message ...
Can you help me?
Because you have not specified a file, GPG tries to read from stdin.
Because there is nothing there, you see that message. The
kurt c wrote:
Ah so sorry, I run into another problem.
I followed the instruction and typed into my command prompt gpg --export
-a 0x8e758d5fmykey.asc in order to create an ASCII armored version of
my key and somehow I got the reply:
access is denied.
Why? Why? Why?
What was your working
Faramir wrote:
Andrew Berg escribió:
Faramir wrote:
It happens too with pop3... I hate that feature... well, it (gmail)
had to have some disadvantage...
Not in my experience. That's why I use POP3 instead of IMAP.
Do you mean you can see the messages you send to the list? Then I have
Faramir wrote:
It happens too with pop3... I hate that feature... well, it (gmail)
had to have some disadvantage...
Not in my experience. That's why I use POP3 instead of IMAP.
--
Key ID: 0xF88E034060A78FCB
Fingerprint: 4A84 CAE2 A0D3 2AEB 71F6 07FD F88E 0340 60A7 8FCB
Windows NT
John B wrote:
On 17 July 08, John Clizbe wrote:
A4: Yes, *only* when introducing the text of a forwarded message
Q4: Is it ever OK to top post?
A: Wrong, it's *never* correct, it leads only to someone, *again*, trying to
argue that somehow it's okay, and still discombobulates everything.
Alexander W. Janssen wrote:
Andrew Berg wrote:
James P. Howard, II wrote:
A minor vent: the problem now is the proliferation of mobile devices
which make it too difficult to not top post. Users, at this point,
are fooled into thinking this is the correct form due to the lack of a
practical
Alexander W. Janssen wrote:
Andrew Berg wrote:
On a side note, is there any reason I didn't see the last message I sent
to the list?
You're using Gmail... And probably IMAP? Common problem. Google calls it
a feature. You need to open the All Mail folder instead of the inbox.
I'm using POP3
James P. Howard, II wrote:
A minor vent: the problem now is the proliferation of mobile devices
which make it too difficult to not top post. Users, at this point,
are fooled into thinking this is the correct form due to the lack of a
practical alternative.
I think top-posting is common
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Werner Koch wrote:
| Thunderbird is free Software and one of the
| most important properties of Free Software is that you are allowed to
| distribute modified copies.
|
| But beware, the Mozilla Corporation has a trademark on the name of
|
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Faramir wrote:
| Hello!
| I have been carrying portable thunderbird with portable gnupg in
| my flash memory stick, plus GPGShell, and it works fine. But GPGShell
| licence forbids to redistribute it. The idea is to make that combo
|
John Clizbe wrote:
Andrew Berg wrote:
Bricks can be hallowed out. :P
HOLY BRICKBATS, BATMAN!
Would such bricks then be filled with the Holy Spirit to give them strength?
I must assume you meant 'hollowed'.
Yes I did. Of course, little plastic angel-like wings could be added for
effect
Robert J. Hansen wrote:
If you don't have physical security over your hardware, you don't have
anything. You cannot use GnuPG safely on a malicious machine
Exactly. There are keyloggers (both hardware and software),
screenloggers, USB drive copy programs, and a lot of other nasty stuff
you'll
John Clizbe wrote:
Andrew Berg wrote:
John Clizbe wrote:
set GNUPGHOME=x:\location\you\want
It would be inconvenient (and inconsiderate to the host machine's
owner(s)) to set an environment variable on every machine encountered,
wouldn't it? Sven's idea is much better, I
John Clizbe wrote:
set GNUPGHOME=x:\location\you\want
It would be inconvenient (and inconsiderate to the host machine's
owner(s)) to set an environment variable on every machine encountered,
wouldn't it? Sven's idea is much better, I think.
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Robert J. Hansen wrote:
| The last time I talked to a patent lawyer about software (I had a
nifty thing I wanted to implement and needed to make sure I wasn't
walking into a patent lawsuit), I paid my $200/hr and got this bit of
professional
Robert J. Hansen wrote:
Andrew Berg wrote:
Well, /I/ could've told you that. Don't tell me you never figured that
out on your own.
Unless your day job involves being intimately involved in IP
transactions (not just writing code), you could have _speculated_ on
that.
Although I would
John Clizbe wrote:
You are contemplating the successful completion of a task both so extremely
effortful and futile as to rightly proclaim the description Sisyphean.
Robert J. Hansen wrote:
In the universe of practicability, what he wants to do is not possible.
I know that. I just forgot to
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Robert J. Hansen wrote:
You don't. This isn't possible.
nitpick
Well, it could be /possible/, but many steps would be difficult,
illegal, expensive, or some combination of the three.
/nitpick
- --
Windows NT 5.1.2600.2180 | Thunderbird
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Robert D. wrote:
thank you for the help. I have relayed it to my friend. Mind you,
she's off again to her family and I am unable to watch the
repairs first hand.
There's also another way to handle it that I forgot to mention. If you
have a
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Robert D. wrote:
However, this started a different problem on her XP machine. Namely,
from a command prompt, typing in gpg yields an error stating that gpg
isn't registered or available or located or whatever.
I took it to mean that gpg
Charly Avital wrote:
My question, please help: where, how can I find and open, actually open
and edit as required, gpg.conf?
You have to create the file yourself and place it in ~/.gnupg.
Robert suggested gedit, but if you have KDE (you mentioned that you
installed kgpg), you can use Kate or
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Robert J. Hansen wrote:
I'm currently running GnuPG 1.4.7 on OS X 10.5 (Leopard). While I
haven't done any serious regression testing, routine operations
appear to work just fine.
Damn. And I was hoping you'd get your fiber for the day.
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Robert J. Hansen wrote:
I will eat my own hat if GnuPG has any problems whatsoever with
Leopard. From all that I know of Leopard, GnuPG will continue to
work just fine.
I will be getting Leopard very soon after release. If there are
any
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Henry Hertz Hobbit wrote:
It is so blisteringly fast that it is time to give credit where
credit is due. I had it updating our (my?) PAC filter. Even with
copying the executable for 7zip.exe on Windows it is so blisteringly
fast I can't
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Werner Koch wrote:
* Basic support for Windows.
Could you be more specific?
- --
Windows NT 5.1.2600.2180 | Thunderbird 2.0.0.4 | Enigmail 0.95.2 | GPG
1.4.7
Key ID: 0xF88E034060A78FCB - available on major keyservers and upon
request
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
If I run ./configure, it tells me it can only build for w32.
If I run ./autogen.sh --build-w32, it tells me to run make distclean.
If I run make distclean, it tells me there is no rule for distclean
and stops.
- --
Windows NT 5.1.2600.2180 |
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Charly Avital wrote:
Under MacOS 10.4.9, I run gpg2 from a binary installer compiled by
Ben Donnachie:
http://www.py-soft.co.uk/~benjamin/download/mac-gpg/ item
'mac-gpg 2.0.4-2.zip that uses libgcrypt 1.3.0 with support for
SHA224:
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Charly Avital wrote:
I built it from source from gnupg.org. No SHA224, no bzip2.
I believe it is because the src that is posted does not include
libgcrypt 1.3.0
It doesn't include any libgcrypt. The configure script said I didn't
have it, and
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
gpg2 -k returns some public keys, then this:
DBG: md_enable: algorithm 11 not available gpg: O j: ...
this is a bug (sig-check.c:450:check_backsig) Aborted
(GPG 2.0.4)
I'm testing FireGPG in Linux, and entered a lower-case 'k' by
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
There was a mismatch of GPG versions. I fixed that, and FireGPG makes
valid signatures with GPG 2.0.4.
The algorithm 11 not available problem remains, though.
- --
Windows NT 5.1.2600.2180 | Thunderbird 2.0.0.4 | Enigmail 0.95.2 | GPG
1.4.7
Key
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
John Clizbe wrote:
You also may wish to specify the new key as the default-key
along with various other helpful settings in gpg.conf.
I can't get the format right.
default-key 0xdecafbad# use this key to sign
default-recipient-self
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
1. Why is it using RIPEMD160, when my preference is SHA256?
C:\Documents and Settings\backup\ThunderbirdPortable\App\gpggpg
--edit-key Andrew Berg [EMAIL PROTECTED] gpg (GnuPG)
1.4.7; Copyright (C) 2006 Free Software Foundation, Inc
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Joseph Oreste Bruni wrote:
By definition of symmetric encryption, you must use the same key to
decrypt that was used to encrypt. I'm not sure what you're really
asking.
When you say public key is used to generate symmetric key you
lost
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
GPG creates a random key from a source of entropy such as
/dev/random. This key is used in a symmetric cipher such as AES128
to encrypt my message.
This symmetric KEY is then ENCRYPTED using your public key and
attached to the end of the
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Janusz A. Urbanowicz wrote:
On Sun, Jun 17, 2007 at 01:02:58PM -0500, Andrew Berg wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Atom Smasher wrote:
gpg does support RSA-2048/SHA-256 (or even RSA-4096/SHA-512) which
is what
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Atom Smasher wrote:
gpg does support RSA-2048/SHA-256 (or even RSA-4096/SHA-512) which
is what i've been using for a while now. i'll sign this email with
RSA-2048/SHA-256 (my default on this key) just to show what it
looks like. it's a big
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Robert Hübener wrote:
Andrew Berg wrote:
Try signing/encrypting files that are tens, hundreds, or
thousands of megabytes in size. Sure, your average machine can
sign/encrypt messages that don't even fill a cluster without
breaking a sweat
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Sven Radde wrote:
The actual bulk data processing is done by a symmetric algorithm
/ hash function. You only encrypt the key to the symmetric
algorithm / sign the hash value. Both are typically 256bit or
smaller.
In fact, the larger the
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Snoken wrote:
Hi, I just read the latest CRYPTO-GRAM, June 15, 2007, by Bruce
Schneier. He writes:
We have a new factoring record: 307 digits (1023 bits). It's a
special number -- 2^1039 - 1 -- but the techniques can be
generalized.
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Claude Poliakoff, MD FACS wrote:
downloaded and installed the Windows XP binary, tried entering
gpg.exe in a DOS cmd window, and command not recognized, so off to
Control PanelSystemadvanced tab added ;C:\Program
Files\GNU\GnuPGwith no
bits] gpg: public key is
BBC5C9CF :encrypted data packet: length: unknown mdc_method: 2 gpg:
using subkey BBC5C9CF instead of primary key 60A78FCB gpg:
encrypted with 2048-bit RSA key, ID BBC5C9CF, created 2007-04-20
Andrew Berg [EMAIL PROTECTED] gpg: using subkey
0CC897B5 instead of primary
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Bruno Costacurta wrote:
Hello, I received an encrypted file called 'test.asc' (recipient is
correct, hereafter it is truncated) but trying to decrypt it I have
following error :
gpg --decrypt test.asc gpg: encrypted with 2048-bit ELG-E key,
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
engage wrote:
I wasn't prompted for a passphrase!
Perhaps the message was only ASCII-armored.
- --
Windows NT 5.1.2600 | Thunderbird 2.0.0.0 | Enigmail 0.95.0 | GPG 1.4.7
Key ID: 0x60A78FCB - available on major keyservers and upon request
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Peter Todd wrote:
The *only* thing included in the hash is what is between the START
and END bits, that's it, no headers no nothing. I'm not positive,
but I belive the MIME based PGP is pretty similar. Of course, this
means that you can fake
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
John Clizbe wrote:
FWIW, the look for gpg.conf
in same directory as executable idea, falls apart if you ever need to have
additional copies of GnuPG in the case of different OS or CPUs.
There's not really a directory that W32, Mac, and*nix
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Peter S. May wrote:
Andrew Berg wrote:
In instances where GPG is used on a portable drive and used on
different machines, it is much better to have gpg.conf read from the
same directory as GPG rather than read from %appdata%\gnupg
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Benjamin Donnachie wrote:
David Shaw wrote:
For paper to last 100 years is not even vaguely impressive. Paper
regularly lasts many hundreds of years even under less than optimal
conditions.
All seems rather academic to me as I would
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
David Shaw wrote:
Most of the storage media in use today do not have particularly
good long-term (measured in years to decades) retention of data.
If and when the CD-R and/or tape cassette and/or hard drive the
secret key is stored on
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Ryan Malayter wrote:
Aren't optical discs supposed to last for many decades if stored
properly and almost never used?
Theory and practice are often far apart. The price of CD media has
dropped so low that quality is often an issue. CDfreaks
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
In instances where GPG is used on a portable drive and used on
different machines, it is much better to have gpg.conf read from the
same directory as GPG rather than read from %appdata%\gnupg or
~/.gnupg. Just to have it check the same
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Robert J. Hansen wrote:
I've been considering getting an OpenPGP Card, but there are
three reasons I'm reluctant to. The main one is that I want
something that will only do one signature or decryption at a
time. That way if my machine is
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Sven Radde wrote:
unless you can calculate SHA-1 values in your head...
I know it's off topic, but how hard would that be? I've never looked
over the algorithm.
How hard would it be to calculate MD5?
MD4? CRC32?
- --
Windows NT 5.1.2600 |
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Werner Koch wrote:
On Mon, 7 May 2007 16:58, [EMAIL PROTECTED] said:
gpg: can't create `/dev/null': No such file or directory
gpg: signing failed: file create error
Fixed in my working copy by using /dev/nul instead
How would that help?
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Janusz A. Urbanowicz wrote:
On Mon, May 07, 2007 at 04:27:55PM +0800, Jim Berland wrote:
Hello everybody,
I'm trying to find the best solution for using GPG on a USB drive
while travelling.
I read the FAQ about subkeys which suggests to
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
I used the -n switch to simulate signing and it returned an error
saying that /dev/null doesn't exist.
gpg -v -n -o somefile -s someotherfile
returns
gpg: can't create `/dev/null': No such file or directory
gpg: signing failed: file create error
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
I think that this problem came up before, and that one has to rename
gpgkeys_hkp.exe to gpgkeys_curl.exe (or was it the other way around?; I
can't remember).
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with
Laurent Jumet wrote:
Hello Andrew !
Andrew Berg [EMAIL PROTECTED] wrote:
owNCWmg2MUFZJlNZdJmIEgAAe3///nJoRmAH/Niv/3AAf///6gBYUQJIRKgCBAGA
EDAAMkCwANlIioNAGmgAAyAAAaA0aAAB6hoaA0YhwaNGgaDQGTEBkaGQABppkAAA
wQAGqZNBPFTbVPQnqaBoNGgZNMZQG1AAG1NAPUNo0IVjWWSuyM1TmmqY8NR90zKy
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Ludwig Hügelschäfer wrote:
Enigmail didn't even indicate a signed message :-((
Same here.
- --
/\_/\ /\_/\ /\_/\
( o.o ) ( o.o ) ( o.o )
^ ^ ^ Don't make me send my ASCII kitten minions.
Key ID: 0x9C6CC3A3
Fingerprint: 5474 04A6
Johan Wevers wrote:
Werner Koch wrote:
This is maintenance release to fix build problems found after the
release of 2.0.0 and to fix a buffer overflow in gpg2
Will there come a 1.4.6 too?
Yes.
I don't remember if this was asked, but will 1.4.6 have a Win32 build?
--
Joseph Oreste Bruni wrote:
Werner, your original ballot announcement ended up in my Junk box
accidentally by my filter. I only noticed it after a rare venture to
look to see what was there. Perhaps the HTML email is setting off
people's filters?
I don't think HTML was why, it could be because
78 matches
Mail list logo